OTL logfile created on: 2012-01-09 02:43:41 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\User\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,17 Mb Total Physical Memory | 791,14 Mb Available Physical Memory | 77,32% Memory free
2,40 Gb Paging File | 2,28 Gb Available in Paging File | 94,72% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30,00 Gb Total Space | 19,59 Gb Free Space | 65,29% Space Free | Partition Type: NTFS
Drive D: | 98,86 Gb Total Space | 98,24 Gb Free Space | 99,36% Space Free | Partition Type: NTFS
Drive E: | 104,01 Gb Total Space | 64,53 Gb Free Space | 62,04% Space Free | Partition Type: NTFS
Drive F: | 575,11 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,73 Gb Total Space | 2,44 Gb Free Space | 65,54% Space Free | Partition Type: FAT32

Computer Name: INTEL | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - [2012-01-08 20:55:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.com
PRC - [2011-09-01 10:38:54 | 000,337,872 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2006-04-10 17:54:14 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2006-03-02 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========
MOD - [2011-09-01 10:38:54 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll
MOD - [2006-09-14 00:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006-06-01 10:22:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll

========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011-09-01 10:38:54 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009-06-02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006-04-10 17:54:14 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)

========== Driver Services (SafeList) ==========
DRV - [2011-09-06 21:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-04-21 08:22:17 | 000,038,784 | R--- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvprt.sys -- (Axtmvprt)
DRV - [2009-04-21 08:22:03 | 000,040,064 | R--- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvmdm.sys -- (Axtmvmdm)
DRV - [2009-04-21 08:21:42 | 000,003,456 | R--- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvflt.sys -- (Axtmvflt)
DRV - [2009-02-09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-02-09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-01-30 11:57:50 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-11-03 23:45:48 | 000,178,913 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)
DRV - [2006-10-31 06:50:24 | 000,028,416 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl02_xp.sys -- (AtcL002)
DRV - [2006-06-14 06:56:00 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005-10-18 15:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"
FF - prefs.js..keyword.URL: "http://search.bearshare.com/web?src=ffb&systemid=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-01-07 18:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011-10-10 12:34:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\PROGRA~1\Mozilla Firefox\components [2009-06-15 15:46:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\PROGRA~1\Mozilla Firefox\plugins [2010-10-07 11:45:01 | 000,000,000 | ---D | M]
[2007-11-29 12:07:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\2qzowemj.default\extensions
[2010-09-14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\2qzowemj.default\searchplugins\BearShareWebSearch.xml
[2012-01-09 02:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009-06-15 15:46:05 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2007-12-01 11:56:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009-06-15 15:45:46 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2009-06-15 15:45:46 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2009-06-15 15:45:46 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2009-06-15 15:45:49 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2009-06-15 15:45:49 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2009-06-15 15:46:03 | 000,000,904 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-09-14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2009-06-15 15:46:03 | 000,001,419 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-06-15 15:46:03 | 000,000,926 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-06-15 15:46:03 | 000,000,866 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-06-15 15:46:03 | 000,001,198 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-06-15 15:46:03 | 000,001,693 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2006-03-02 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/su/ocx/15102/CTPID.cab (Creative Software AutoUpdate Support Package)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\DataMngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\DataMngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Pulpit\zdjecia\czesuio.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Pulpit\zdjecia\czesuio.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-11-20 12:05:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006-03-02 13:00:00 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{d37e4b41-9766-11dc-95dc-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d37e4b41-9766-11dc-95dc-806d6172696f}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- [2006-03-02 13:00:00 | 002,584,576 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = 7nf] -- "C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\sdx.exe" -a "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2012-01-09 02:43:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.com
[2012-01-08 22:52:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\@wazne
[2012-01-08 14:57:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012-01-08 14:57:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2012-01-08 14:57:20 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2012-01-01 11:36:04 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\elg.exe
[2011-12-31 13:22:41 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\dwo.exe
[2011-12-30 10:42:38 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\ucw.exe
[2011-12-28 09:10:34 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\ohu.exe
[2011-12-11 12:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\kornelia
[2010-10-01 20:48:33 | 000,090,112 | R--- | C] (Axesstel) -- C:\Program Files\axesstel.dll
[2007-11-24 15:40:22 | 001,322,749 | ---- | C] (PepeSoftware) -- C:\Program Files\Winamp_wersja_POLSKA.exe
[2007-11-24 15:27:52 | 008,725,912 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp55_full_emusic-7plus_pl-pl.exe
[2007-11-24 15:20:35 | 002,821,184 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp55_lite_en-us.exe
[2007-11-24 15:08:08 | 010,296,280 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp55_full_emusic-7plus_all.exe
[2 C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2012-01-09 02:43:12 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-01-09 02:43:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-01-09 02:40:10 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-01-09 02:31:42 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-01-08 20:55:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.com
[2012-01-08 16:38:06 | 064,207,032 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\setup_av_free.exe
[2012-01-08 14:57:19 | 000,011,924 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\et7bf56oua02021ha6w75v1k634o4w488165q8b8r2rod
[2012-01-08 14:57:18 | 000,011,924 | -HS- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\et7bf56oua02021ha6w75v1k634o4w488165q8b8r2rod
[2012-01-08 14:57:14 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-01-08 14:57:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-01-03 10:46:29 | 000,012,646 | -HS- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\gx1el51qok12671gs4f41w8w001e5b316374l5n2e6eql
[2012-01-03 10:46:29 | 000,012,646 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\gx1el51qok12671gs4f41w8w001e5b316374l5n2e6eql
[2012-01-01 11:36:04 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\elg.exe
[2012-01-01 11:28:42 | 000,012,914 | -HS- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\ej5km26ily37141bh1m56u4k527s4q160006v8a5l8wvd
[2012-01-01 11:28:42 | 000,012,914 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\ej5km26ily37141bh1m56u4k527s4q160006v8a5l8wvd
[2011-12-31 13:22:41 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\dwo.exe
[2011-12-31 13:13:25 | 000,011,162 | -HS- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\71v56ar644dpmam84j1kq1b1jyt6k1amrrgo4d4k2g364
[2011-12-31 13:13:25 | 000,011,162 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\71v56ar644dpmam84j1kq1b1jyt6k1amrrgo4d4k2g364
[2011-12-30 10:42:38 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\ucw.exe
[2011-12-30 10:34:55 | 000,011,914 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\oo885ni53i50wum44xh8uc
[2011-12-30 10:34:54 | 000,011,914 | -HS- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\oo885ni53i50wum44xh8uc
[2011-12-28 09:10:34 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\ohu.exe
[2 C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

========== Files Created - No Company Name ==========
[2012-01-08 17:29:13 | 064,207,032 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\setup_av_free.exe
[2012-01-03 10:53:20 | 000,011,924 | -HS- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\et7bf56oua02021ha6w75v1k634o4w488165q8b8r2rod
[2012-01-03 10:53:20 | 000,011,924 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\et7bf56oua02021ha6w75v1k634o4w488165q8b8r2rod
[2012-01-01 11:36:04 | 000,012,646 | -HS- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\gx1el51qok12671gs4f41w8w001e5b316374l5n2e6eql
[2012-01-01 11:36:04 | 000,012,646 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\gx1el51qok12671gs4f41w8w001e5b316374l5n2e6eql
[2011-12-31 13:22:42 | 000,012,914 | -HS- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\ej5km26ily37141bh1m56u4k527s4q160006v8a5l8wvd
[2011-12-31 13:22:42 | 000,012,914 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ej5km26ily37141bh1m56u4k527s4q160006v8a5l8wvd
[2011-12-30 10:42:40 | 000,011,162 | -HS- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\71v56ar644dpmam84j1kq1b1jyt6k1amrrgo4d4k2g364
[2011-12-30 10:42:40 | 000,011,162 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\71v56ar644dpmam84j1kq1b1jyt6k1amrrgo4d4k2g364
[2011-12-28 09:10:34 | 000,011,914 | -HS- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\oo885ni53i50wum44xh8uc
[2011-12-28 09:10:34 | 000,011,914 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\oo885ni53i50wum44xh8uc
[2011-12-07 14:27:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\{93175761-1150-4900-9D46-4AEF0C34E400}
[2011-10-10 12:34:35 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011-07-19 18:05:10 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ReminderNextRun
[2010-10-01 20:48:33 | 000,118,784 | R--- | C] () -- C:\Program Files\MSP_Uninstall.exe
[2009-01-03 21:05:06 | 000,019,715 | ---- | C] () -- C:\Documents and Settings\User\Dane aplikacji\NMM-MetaData.db
[2008-07-15 12:12:13 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-02-28 15:54:43 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
[2007-12-31 16:32:40 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007-12-01 16:46:02 | 000,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2007-12-01 16:29:45 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007-11-29 12:09:06 | 000,001,277 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007-11-29 12:07:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007-11-24 15:36:07 | 000,558,802 | ---- | C] () -- C:\Program Files\winamp5x_pl.zip
[2007-11-24 15:03:37 | 000,000,732 | ---- | C] () -- C:\Program Files\winamp.m3u
[2007-11-21 17:13:54 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-11-21 16:22:18 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007-11-20 18:36:08 | 000,000,549 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007-11-20 13:49:23 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007-11-20 13:48:10 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007-11-20 12:56:44 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2007-11-20 12:56:44 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2007-11-20 12:56:42 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2007-11-20 12:56:42 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2007-11-20 12:56:42 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2007-11-20 12:56:42 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2007-11-20 12:56:42 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2007-11-20 12:56:42 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2007-11-20 12:56:42 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2007-11-20 12:56:42 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2007-11-20 12:23:39 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007-11-20 12:15:49 | 000,009,039 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007-11-20 12:15:49 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007-11-20 12:15:33 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-11-20 12:07:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007-11-20 12:02:44 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006-06-01 10:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-06-01 10:22:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006-06-01 10:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-06-01 10:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006-06-01 10:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-06-01 10:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-06-01 10:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-06-01 10:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006-06-01 10:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006-06-01 10:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-06-01 10:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-03-02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006-03-02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006-03-02 13:00:00 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2006-03-02 13:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2006-03-02 13:00:00 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006-03-02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006-03-02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006-03-02 13:00:00 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2006-03-02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006-03-02 13:00:00 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006-03-02 13:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2006-03-02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006-03-02 13:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006-03-02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-03-02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006-03-02 13:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006-03-02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004-02-29 12:49:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004-02-29 12:48:30 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

< End of report >